$OpenBSD: patch-src_value_cpp,v 1.6 2014/03/18 12:02:22 jasper Exp $
--- src/value.cpp.orig	Sun Dec  1 13:13:42 2013
+++ src/value.cpp	Tue Mar 18 11:08:58 2014
@@ -976,7 +976,7 @@ namespace Exiv2 {
         // sprintf wants to add the null terminator, so use oversized buffer
         char temp[9];
 
-        int wrote = sprintf(temp, "%04d%02d%02d",
+        int wrote = snprintf(temp, sizeof temp, "%04d%02d%02d",
                             date_.year, date_.month, date_.day);
         assert(wrote == 8);
         std::memcpy(buf, temp, 8);
@@ -1148,7 +1148,7 @@ namespace Exiv2 {
         char plusMinus = '+';
         if (time_.tzHour < 0 || time_.tzMinute < 0) plusMinus = '-';
 
-        int wrote = sprintf(temp,
+        int wrote = snprintf(temp, sizeof temp,
                    "%02d%02d%02d%1c%02d%02d",
                    time_.hour, time_.minute, time_.second,
                    plusMinus, abs(time_.tzHour), abs(time_.tzMinute));
